Enterprise IT Context for the CTO

Bob Gourley

Subscribe to Bob Gourley: eMailAlertsEmail Alerts
Get Bob Gourley via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Blog Feed Post

What Business Users Should Do To Mitigate DDoS Threats

Bob Gourley

Businesses have long known of the threats of DDoS to their operation, and the security community has been watching this threat evolve to the point where we all need to take collective action to prevent attack.

  • Businesses of every size need to know what devices you have and what you have them for. This gets hard but must be done if you are to optimize your IT. If you don't understand what you have got you will never be able to keep systems patched and will have a hard time changing default passwords.
  • We are strong believers in using software defined perimeter approaches to understand who is who and what is what and only allowing authorized actions in your network.
  • Use a DNS firewall to reduce two major issues: 1) users visiting sites known to have malicious code that threatens your enterprise and 2) malicious code inside your enterprise that seeks to beacon out to its controller. We recommend Verisign's DNS Firewall. It provides cloud-based network security based on is built on Verisign's global recursive DNS platform.
  • Managed DNS is important as well. Make sure your provider of managed DNS services has a track record of reliability.
  • Also ensure your networking team understands the details of BCP38 on Network Ingress Filtering. This will defeat DDoS attacks that employ IP source address spoofing.
  • Businesses of all sizes should ensure you are tracking the cyber threat by signing up for the daily Threat Brief. This will provide strategic warning of threats and info on mitigation strategies.
  • Your network defenders should avail themselves of the powerful research tools of Passive Total. This will help keep them aware of threats in ways that will help them adjust defenses. A key benefit is tracking risks that exist totally out of your control.
  • Consider training your extended team on the cyber threat. One way to raise awareness is through our book, The Cyber Threat. This succinct overview articulates the threat in ways that inform and lead to collective action.
  • Have a backup communications plan. If your network is down and that same network carries all your data, video and voice, how will you get the word out to employees, suppliers, customers?

We also provide insights and tips aimed at the Home User and for Governments at Local, State and Federal levels. Please review and help get those tips into the right hands.

Read the original blog entry...

More Stories By Bob Gourley

Bob Gourley writes on enterprise IT. He is a founder of Crucial Point and publisher of CTOvision.com